The increasing use of computing devices in all manner of tasks including handling of commercially valuable or personally identifiable information, performing important financial transactions, and controlling dissemination of confidential information has made the ability to authenticate computing devices as being trustworthy ever more important. Over time, various digital signature systems have been devised to enable a computing device to prove itself to be trustworthy, but various issues have arisen along the way.
Earlier digital signature systems involved the use of private keys by computing devices seeking to prove their trustworthiness in a manner that made the private keys assigned to those computing devices all too vulnerable to becoming compromised, and that enabled the identity of those computing devices and/or their operators all too easy to determine. Some proposals attempted to address these concerns by providing an issuer of keys that would be constantly available to fill requests for private keys for every instance in which a computing device needed a private key to prove itself trustworthy, but the provision of such a constantly available issuing service proved impractical. More recently devised digital signature systems, including direct anonymous attestation (DAA) and a variant of DAA promulgated by Intel® Corporation called Enhanced Privacy ID (EPID), have sought to remedy these issues by using various techniques to provide greater security for private keys assigned to computing devices, to enable the use of digital signing to prove trustworthiness in a manner preserving anonymity, and to make the issuing of keys far more infrequent.
However, despite all of the improvements provided by such recent digital signature systems, vulnerabilities to side-channel attacks to surreptitiously derive private keys remain, including monitoring execution of branch instructions, monitoring memory and/or cache accesses, and monitoring procedure execution times, etc., as calculations that implement portions of a digital signature system are performed.